tools: enable CodeQL config file

A previous change designed to ignore test files in CodeQL scans had
multiple problems. This fixes the CodeQL scan breakage. It adds a
CodeQL config file, which allows us to ignore the test directory
in our scans.

Refs: https://github.com/nodejs/node/pull/57978#issuecomment-2829182983
Refs: https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning#specifying-directories-to-scan
PR-URL: https://github.com/nodejs/node/pull/58036
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Rich Trott 2025-04-28 06:34:47 -07:00 committed by GitHub
parent 6cd1c09c10
commit 067a779f17
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 5 additions and 3 deletions

.github/codeql-config.yml vendored Normal file

@ -0,0 +1,4 @@
name: CodeQL config
paths-ignore:
- test
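Review bot: The `- test` entry under `paths-ignore` carries no comment saying why the directory is excluded. Please add a one-line comment above `paths-ignore:` stating the reason and that the exclusion is deliberate, because anything kept under `test` (helper scripts and fixtures included) stops producing code scanning alerts once this file is in use, and a reader of the config alone cannot tell whether that was intended.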


@ -7,9 +7,6 @@ on:
permissions:
contents: read
paths-to-ignore:
- test
jobs:
analyze:
name: Analyze
@ -33,6 +30,7 @@ jobs:
uses: github/codeql-action/init@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
with:
languages: ${{ matrix.language }}
config-file: ./.github/codeql-config.yml
- name: Autobuild
uses: github/codeql-action/autobuild@6bb031afdd8eb862ea3fc1848194185e076637e5 # v3.28.11
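Review bot: `config-file: ./.github/codeql-config.yml` is set on the shared `init` step, so the one `paths-ignore` list now applies to every `matrix.language`, and nothing in the workflow shows whether the file was actually picked up. Given that the previous attempt at this exclusion broke the scan, please confirm from a run of each matrix entry that the config is loaded and that results under `test` are gone, and consider a short comment next to `config-file:` pointing at where the ignore list lives, since the workflow itself no longer mentions `test`.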